1. Field of the Invention
The present invention relates to a system or method of Role Based Access Control (RBAC) for computer systems, which gains increased utility by enabling refined constraints on a role's access permissions at each request for access to an object. More particularly, permission constraints may be based upon the assessment of any or all of the subject, object, or environment information, which information may be gathered by data extraction from a variety of sources both internal to the controlled computer system and external to the controlled computer system, for evaluation relative to the constraints.
2. Discussion of the Related Art
The technique of Role Based Access Control has greatly increased the utility of computer system access control. By pre-qualifying individuals, or subjects, in an organization into defined roles (e.g., doctor, head nurse, nurse) which are granted defined permission access to operate on the records, or objects; Role Based Access Control removes the necessity of developing defined access permission for each individual user to objects within the computer system. However, networked access to objects within the computer system, e.g., electronic data, has given rise to increased concerns for security, e.g., access to data such as proprietary information within an organizational structure or the privacy of medical records. Increasingly sophisticated demands are therefore being placed on the restriction of access to objects within the computer system, leading to a need for finer-grained access control than can be managed by traditional Role Based Access Control techniques that rely only on roles (and conditions on those roles; e.g., time constraints or location constraints) to establish permission for access to objects within the computer system.
After the RBAC model of Sandhu et al. in Role Based Access Control Models, publication number 0018-9162/96, IEEE, 1996, (hereinafter “Sandhu”) several additional versions which limit role assignment, or which have increasing constraints on the granting of permissions were proposed, including: temporal and environmental limitations on role assignment. Some permission constraints have been proposed based on limited “context” evaluations such as Neumann et al., An Approach to Engineer and Enforce Context Constraints in an RBAC Environment, 2003, Association for Computing Machinery (ACM); and specialized content, such as Tzelepi et al., A Flexible Content and Context-based Access Control Model for Multimedia Medical Image Database Systems, 2001, ACM.
However, known RBAC systems have not been enabled to use context within all information categories, including and especially subject context. Further, known RBAC systems have not utilized entire categories of content since they have been limited to the controlled computer system. Thus, known RBAC systems have yet to enable system administrators to establish highly flexible constraints on a role's permission for dynamic granting of access to objects.
Thus, there is a need for an RBAC method which is enabled to gather information, i.e., seek and obtain data and compare such data to determine contexts necessary for the utilization of increasingly sophisticated constraints. There is a further need for access to be evaluated dynamically (i.e., at runtime, potentially changing throughout the duration of the session) based on constraints with respect to any or all combinations of subject information, object information, and environment information.